Total
29893 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2026-04-16 | N/A |
| Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | ||||
| CVE-2004-0414 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2026-04-16 | N/A |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | ||||
| CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2026-04-16 | N/A |
| The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | ||||
| CVE-2001-0574 | 1 Jason Rahaim | 1 Mp3mystic | 2026-04-16 | N/A |
| Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL. | ||||
| CVE-2004-0415 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more | 2026-04-16 | N/A |
| Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | ||||
| CVE-2001-0578 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command. | ||||
| CVE-2003-0313 | 1 Snowblind.net | 1 Snowblind Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. | ||||
| CVE-2001-0579 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command. | ||||
| CVE-2003-0314 | 1 Snowblind.net | 1 Snowblind Web Server | 2026-04-16 | N/A |
| Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. | ||||
| CVE-2003-0318 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter. | ||||
| CVE-2001-0583 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001. | ||||
| CVE-2001-0589 | 1 Juniper | 1 Netscreen Screenos | 2026-04-16 | N/A |
| NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns. | ||||
| CVE-2001-0590 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0). | ||||
| CVE-2001-0594 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument. | ||||
| CVE-2003-0319 | 1 Smartmax Software | 1 Mailmax | 2026-04-16 | N/A |
| Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command. | ||||
| CVE-2006-3313 | 1 Netsoft | 1 Smartnet | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter. | ||||
| CVE-2006-3314 | 1 Rahnemaco | 1 Rahnemaco | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibly eShop, allows remote attackers to execute arbitrary PHP code via a URL in the pageid parameter. | ||||
| CVE-2006-3317 | 1 Spiffyjr | 1 Phpraid | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) announcements.php and (2) rss.php, a different set of vectors and affected versions than CVE-2006-3316 and CVE-2006-3116. | ||||
| CVE-2001-0598 | 1 Symantec | 1 Norton Ghost | 2026-04-16 | N/A |
| Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled. | ||||
| CVE-2006-2037 | 1 Thwboard | 1 Thwboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 Beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the navpath parameter. | ||||